From mboxrd@z Thu Jan 1 00:00:00 1970 Return-Path: Received: from smtp1.linuxfoundation.org (smtp1.linux-foundation.org [172.17.192.35]) by mail.linuxfoundation.org (Postfix) with ESMTPS id AB74EDA2 for ; Wed, 22 Aug 2018 13:48:17 +0000 (UTC) X-Greylist: whitelisted by SQLgrey-1.7.6 Received: from mail-oi0-f47.google.com (mail-oi0-f47.google.com [209.85.218.47]) by smtp1.linuxfoundation.org (Postfix) with ESMTPS id 4AFF3786 for ; Wed, 22 Aug 2018 13:48:17 +0000 (UTC) Received: by mail-oi0-f47.google.com with SMTP id k12-v6so3193268oiw.8 for ; Wed, 22 Aug 2018 06:48:17 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=jtimon-cc.20150623.gappssmtp.com; s=20150623; h=mime-version:in-reply-to:references:from:date:message-id:subject:to; bh=wx7Uue3IjXs4UmY4ELK25Sp4drN4saaVVkTa3zui7Ts=; b=LxcspguFH5Qd1IFPgeuKQxlfaPHytrsDuoewHKk7o2i/Kic4UQNgsCnKUaLdG2vT6d p1IAddziYgK+YWFWi6E9cKdk7+m5s99VXYqhnuxOmkeaJ4unyoTl2hxEjUj1TqjQstqx aJUnLOUfmZvYXsbUcObUVWPq2BWZmcZAaMHvMm8O/C+bQMJg+alR5DwYuUHuBuKQJYjX +E7E/v5G7XHv+350CZVt17gIM7OxU1Gf1Lkp4F4eWyPRqDviYpwH1imQ8IdHOnIFKjKN 7fRVeQqNLAJsEUxt+aCqUbLbDeC6ZRWVMu4Fgan9xt5TDmY3jh/yhhhg7v0EIa3qWnxN bUXw== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:mime-version:in-reply-to:references:from:date :message-id:subject:to; bh=wx7Uue3IjXs4UmY4ELK25Sp4drN4saaVVkTa3zui7Ts=; b=RenPNL7HO3gqFu/Fy0zQAbVLKpoZF1ZRz6wtf/H738lATn2hnMpMqqgbCp9vhTrvTw 2oeQMEB9PV8Vf9x0IIZxuS9dAvQe+/aLpWWUrfPgp06Oj1Tb0+FA8zvttiK9TMZKUVii QWOZAjISUPVSos4ylB/xVrTaG1DtvYpjNFi1p/0765btsTRIVylygYol/bk5giZMi3zf XdxzGMK4TXpPdgBlx+Hb7JaPGUlxkPCtA5dchPqIa/VfC79HIg8TyKM2QerDT1U05hG2 fltYM664JpRMfEjRiaan7/to0AO7yMYzk8oZged9oP4zDucZXwildkTvWQmcmL0b58c/ lHzw== X-Gm-Message-State: APzg51Bh7faXulOro8/JtahoJRbvNU4UNH1szwqkSML6eYFBOCW6nBuG aeUkemarC/mZJ+pxNVztpiC4OxMnBC1ab1M9lozHd7fHv+NIUA== X-Google-Smtp-Source: ANB0VdZUv8RZ5t33F3Xud6ExsG8t4i7LTuHimYC7LFhW3n9ggd3yI3DRENFOL60siCk1jHi/zdGtG/Grtqyg2pBE10c= X-Received: by 2002:aca:1719:: with SMTP id j25-v6mr4123014oii.138.1534945696465; Wed, 22 Aug 2018 06:48:16 -0700 (PDT) MIME-Version: 1.0 Received: by 2002:a4a:d1b3:0:0:0:0:0 with HTTP; Wed, 22 Aug 2018 06:48:16 -0700 (PDT) In-Reply-To: References: From: =?UTF-8?B?Sm9yZ2UgVGltw7Nu?= Date: Wed, 22 Aug 2018 15:48:16 +0200 Message-ID: To: Gregory Maxwell , Bitcoin Protocol Discussion Content-Type: text/plain; charset="UTF-8" X-Spam-Status: No, score=-0.9 required=5.0 tests=BAYES_00,DKIM_SIGNED, DKIM_VALID, FROM_EXCESS_BASE64, RCVD_IN_DNSWL_NONE autolearn=no version=3.3.1 X-Spam-Checker-Version: SpamAssassin 3.3.1 (2010-03-16) on smtp1.linux-foundation.org X-Mailman-Approved-At: Wed, 22 Aug 2018 23:02:23 +0000 Subject: Re: [bitcoin-dev] Getting around to fixing the timewarp attack. X-BeenThere: bitcoin-dev@lists.linuxfoundation.org X-Mailman-Version: 2.1.12 Precedence: list List-Id: Bitcoin Protocol Discussion List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Wed, 22 Aug 2018 13:48:17 -0000 I only knew about ArtForz's fix, which isn't backwards compatible. https://github.com/bitcoin/bitcoin/compare/0.11...jtimon:hardfork-timewarp-0.11 https://github.com/bitcoin/bips/blob/master/bip-0099.mediawiki#code On Mon, Aug 20, 2018 at 10:14 PM, Gregory Maxwell via bitcoin-dev wrote: > Since 2012 (IIRC) we've known that Bitcoin's non-overlapping > difficulty calculation was vulnerable to gaming with inaccurate > timestamps to massively increase the rate of block production beyond > the system's intentional design. It can be fixed with a soft-fork that > further constraints block timestamps, and a couple of proposals have > been floated along these lines. > > I put a demonstration of timewarp early in the testnet3 chain to also > let people test mitigations against that. It pegs the difficulty way > down and then churned out blocks at the maximum rate that the median > time protocol rule allows. > > I, and I assume others, haven't put a big priority into fixing this > vulnerability because it requires a majority hashrate and could easily > be blocked if someone started using it. > > But there haven't been too many other network consensus rules going on > right now, and I believe at least several of the proposals suggested > are fully compatible with existing behaviour and only trigger in the > presence of exceptional circumstances-- e.g. a timewarp attack. So > the risk of deploying these mitigations would be minimal. > > Before I dust off my old fix and perhaps prematurely cause fixation on > a particular approach, I thought it would be useful to ask the list if > anyone else was aware of a favourite backwards compatible timewarp fix > proposal they wanted to point out. > > Cheers. > _______________________________________________ > bitcoin-dev mailing list > bitcoin-dev@lists.linuxfoundation.org > https://lists.linuxfoundation.org/mailman/listinfo/bitcoin-dev